Class: Chef::ReservedNames::Win32::Security::Token
- Inherits:
-
Object
- Object
- Chef::ReservedNames::Win32::Security::Token
- Defined in:
- lib/chef/win32/security/token.rb
Instance Attribute Summary collapse
-
#handle ⇒ Object
readonly
Returns the value of attribute handle.
Instance Method Summary collapse
- #adjust_privileges(privileges_struct) ⇒ Object
- #duplicate_token(security_impersonation_level) ⇒ Object
- #enable_privileges(*privilege_names) ⇒ Object
-
#initialize(handle) ⇒ Token
constructor
A new instance of Token.
Constructor Details
#initialize(handle) ⇒ Token
Returns a new instance of Token.
29 30 31 |
# File 'lib/chef/win32/security/token.rb', line 29 def initialize(handle) @handle = handle end |
Instance Attribute Details
#handle ⇒ Object (readonly)
Returns the value of attribute handle.
33 34 35 |
# File 'lib/chef/win32/security/token.rb', line 33 def handle @handle end |
Instance Method Details
#adjust_privileges(privileges_struct) ⇒ Object
57 58 59 60 61 |
# File 'lib/chef/win32/security/token.rb', line 57 def adjust_privileges(privileges_struct) if privileges_struct[:PrivilegeCount] > 0 Chef::ReservedNames::Win32::Security.adjust_token_privileges(self, privileges_struct) end end |
#duplicate_token(security_impersonation_level) ⇒ Object
63 64 65 66 67 68 69 70 |
# File 'lib/chef/win32/security/token.rb', line 63 def duplicate_token(security_impersonation_level) duplicate_token_handle = FFI::Buffer.new(:ulong) unless Chef::ReservedNames::Win32::API::Security.DuplicateToken(handle.handle, security_impersonation_level, duplicate_token_handle) raise Chef::ReservedNames::Win32::Error.raise! end Token.new(Handle.new(duplicate_token_handle.read_ulong)) end |
#enable_privileges(*privilege_names) ⇒ Object
35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 |
# File 'lib/chef/win32/security/token.rb', line 35 def enable_privileges(*privilege_names) # Build the list of privileges we want to set new_privileges = Chef::ReservedNames::Win32::API::Security::TOKEN_PRIVILEGES.new( FFI::MemoryPointer.new(Chef::ReservedNames::Win32::API::Security::TOKEN_PRIVILEGES.size_with_privileges(privilege_names.length)) ) new_privileges[:PrivilegeCount] = 0 privilege_names.each do |privilege_name| luid = Chef::ReservedNames::Win32::API::Security::LUID.new # Ignore failure (with_privileges TRIES but does not guarantee success-- # APIs down the line will fail if privilege escalation fails) if Chef::ReservedNames::Win32::API::Security.LookupPrivilegeValueW(nil, privilege_name.to_wstring, luid) new_privilege = new_privileges.privilege(new_privileges[:PrivilegeCount]) new_privilege[:Luid][:LowPart] = luid[:LowPart] new_privilege[:Luid][:HighPart] = luid[:HighPart] new_privilege[:Attributes] = Chef::ReservedNames::Win32::API::Security::SE_PRIVILEGE_ENABLED new_privileges[:PrivilegeCount] = new_privileges[:PrivilegeCount] + 1 end end old_privileges = Chef::ReservedNames::Win32::Security.adjust_token_privileges(self, new_privileges) end |